1) That's just plainly and self-evidently silly. `0 0 * * 0 certbot --nginx`. Season to taste. (There are more involved options out there--but you bought into them by making other choices ahead of time, and that's a learning experience for you to better understand your tradeoffs in the future.)
2) 20 years' expiration is a security risk that should not be taken. Letting you do that would be a bad idea not just for you--you can make stupid decisions on your own--but for anyone who connects to you, and you aren't entitled to do that.

I don't understand why someone who is theoretically a programmer would be so odd about this.
